From: mleitner@xxxxxxxxxx Date: Thu, 11 Jun 2015 14:49:46 -0300 > From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> > > Currently, we can ask to authenticate DATA chunks and we can send DATA > chunks on the same packet as COOKIE_ECHO, but if you try to combine > both, the DATA chunk will be sent unauthenticated and peer won't accept > it, leading to a communication failure. > > This happens because even though the data was queued after it was > requested to authenticate DATA chunks, it was also queued before we > could know that remote peer can handle authenticating, so > sctp_auth_send_cid() returns false. > > The fix is whenever we set up an active key, re-check send queue for > chunks that now should be authenticated. As a result, such packet will > now contain COOKIE_ECHO + AUTH + DATA chunks, in that order. > > Reported-by: Liu Wei <weliu@xxxxxxxxxx> > Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx> Vlad/Neil, please review. -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
